Add option for additional groups to user meta definition

machines/nucturne/default.nix

@@ -1,6 +1,11 @@
-{ config, pkgs, inputs, nixos-hardware, ... }: {
-  imports =
-    [ ../../common/users.nix ./hardware-configuration.nix ./software.nix ];
+{
+  config,
+  pkgs,
+  inputs,
+  nixos-hardware,
+  ...
+}: {
+  imports = [../../common/users.nix ./hardware-configuration.nix ./software.nix];
 
   elss = {
     # base system
@@ -29,10 +34,10 @@
     openvpn.enable = true;
 
     # nm-networks
-    networking.nmConnections = [ ];
+    networking.nmConnections = [];
 
     # enable sops
-    sops = { enable = true; };
+    sops = {enable = true;};
 
     # enable wireguard
     wireguard.enable = true;
@@ -40,17 +45,22 @@
     # user setup
     users = {
       enable = true;
-      admins = [ "ellmau" ];
-      users = [ ];
+      admins = ["ellmau"];
+      users = [];
 
-      meta = { ellmau.git = { signDefault = true; }; };
+      meta = {
+        ellmau = {
+          git = {signDefault = true;};
+          extraGroups = ["networkmanager"];
+        };
+      };
     };
   };
 
   boot = {
-    extraModulePackages = [ config.boot.kernelPackages.v4l2loopback ];
+    extraModulePackages = [config.boot.kernelPackages.v4l2loopback];
 
-    kernelModules = [ "v4l2loopback" ];
+    kernelModules = ["v4l2loopback"];
 
     plymouth.enable = true;
   };

machines/stel-xps/default.nix

@@ -1,4 +1,10 @@
-{ config, pkgs, inputs, nixos-hardware, ... }: {
+{
+  config,
+  pkgs,
+  inputs,
+  nixos-hardware,
+  ...
+}: {
   imports = [
     ../../common/users.nix
     ./printer.nix
@@ -34,10 +40,10 @@
     openvpn.enable = true;
 
     # nm-networks
-    networking.nmConnections = [ "tartaros" "eduroam" ];
+    networking.nmConnections = ["tartaros" "eduroam"];
 
     # enable sops
-    sops = { enable = true; };
+    sops = {enable = true;};
 
     # enable wireguard
     wireguard.enable = true;
@@ -45,23 +51,26 @@
     # user setup
     users = {
       enable = true;
-      admins = [ "ellmau" ];
-      users = [ ];
+      admins = ["ellmau"];
+      users = [];
 
       meta = {
-        ellmau.git = {
-          key = "0x4998BEEE";
-          gpgsm = true;
-          signDefault = true;
+        ellmau = {
+          git = {
+            key = "0x4998BEEE";
+            gpgsm = true;
+            signDefault = true;
+          };
+          extraGroups = ["networkmanager"];
         };
       };
     };
   };
 
   boot = {
-    extraModulePackages = [ config.boot.kernelPackages.v4l2loopback ];
+    extraModulePackages = [config.boot.kernelPackages.v4l2loopback];
 
-    kernelModules = [ "v4l2loopback" ];
+    kernelModules = ["v4l2loopback"];
 
     plymouth.enable = true;
   };

modules/users.nix

@@ -45,6 +45,12 @@ with lib; {
               type = types.str;
               description = "Email address of the user";
             };
+            extraGroups = mkOption {
+              type = types.listOf types.str;
+              description = "additional groups to add";
+              default = [];
+            };
+
             git = mkOption {
               type = types.submodule {
                 options = {
@@ -92,7 +98,7 @@ with lib; {
       inherit (meta) description;
       isNormalUser = true;
       home = "/home/${login}";
-      extraGroups = [];
+      extraGroups = meta.extraGroups;
       openssh.authorizedKeys.keys = meta.publicKeys;
     };